公开(公告)号：US10334445B2

公开(公告)日：2019-06-25

申请号：US14882700

申请日：2015-10-14

Applicant: Cisco Technology, Inc.

Inventor： Sanjay Kumar Hooda ,  Poon Kuen Leung ,  Liu Huang ,  Vishwas Vijendra Bhat ,  Shweta Arvind Saraf

IPC: H04L29/06 ,  H04W12/12 ,  H04W88/16 ,  H04W12/10 ,  H04W84/12

Abstract: A computer-implemented method is provided for a management entity to detect where a rogue access point is connected to the network infrastructure. The management entity receives from a wireless network controller an indication of an unauthorized frame wirelessly intercepted by an authorized access point. The unauthorized frame carries data between a rogue access point and a wireless client device. The rogue access point is connected to a compromised network element in a managed network at a compromised port of the compromised network element. The management entity extracts a client network address and a gateway network address from the indication of the unauthorized frame. The management entity traces a path through the managed network from a gateway network element associated with the gateway network address to the compromised network element. The management entity determines the compromised port in the compromised network element at which the rogue access point is connected.

公开(公告)号：US20170111360A1

公开(公告)日：2017-04-20

申请号：US14882700

申请日：2015-10-14

Applicant: Cisco Technology, Inc.

Inventor： Sanjay Kumar Hooda ,  Poon Kuen Leung ,  Liu Huang ,  Vishwas Vijendra Bhat ,  Shweta Arvind Saraf

IPC: H04L29/06 ,  H04W48/16

CPC classification number: H04W12/12 ,  H04W12/00512 ,  H04W12/10 ,  H04W84/12 ,  H04W88/16

Abstract: A computer-implemented method is provided for a management entity to detect where a rogue access point is connected to the network infrastructure. The management entity receives from a wireless network controller an indication of an unauthorized frame wirelessly intercepted by an authorized access point. The unauthorized frame carries data between a rogue access point and a wireless client device. The rogue access point is connected to a compromised network element in a managed network at a compromised port of the compromised network element. The management entity extracts a client network address and a gateway network address from the indication of the unauthorized frame. The management entity traces a path through the managed network from a gateway network element associated with the gateway network address to the compromised network element. The management entity determines the compromised port in the compromised network element at which the rogue access point is connected.